My case study in the clouds…

On the VMware VSX we can find an interesting addition to vRealize Operations Manager, this is the Trend Micro Deep Security Management (pack). The installation manual is clearly written that last supported version is really VMware Operations Manager 5.8.4. Fortunately this is partly true, after a slight modification in the script that installs the DSM certificate, can safely install the whole solution and use in vRealize Operations Manager 6.0.1. The procedure is very simple and does not differ greatly from the official installation instructions.

In the first step we have to log in through the console to vROPS, set a password for root and enable SSH. In the console need to switch screen (ALT + F1), the root password is blank (just press enter).

After running SSH, copy to vROPS import-cert script and Deep Security Manager certificate (if you have more in the cluster that is enough from one node). In the next step we need to modify the script to proper install the certificate in keystore or do it manually.

/storage/vcops/user/conf/ssl/storePass.properties (place them in a script instead of a password “oxygen”).

Run the script and install the certificate:

In the next step, we install DeepSecurityAdapter-1.0.0.pak in vRealize Operations Manager (Administration -> Solutions -> +). If you have more than one instance of vROPS (cluster) in during adapter configuration, you must choose the correct node (ie that on which you installed the DSM certificate).

After waiting time required for the analysis, we enjoy information on relevant dashboards.

EDIT 2016.03.02:

A new version of Deep Security Management Pack for vRealize Operations 6.x is available from Trend Micro (please email to deepsecurityvrops[at]trendmicro.com). Installation is exactly the same as the older version (including errors in the file importcert). The new version includes three Dashboards:

And it works without any problem with vCenter 6, vRO 6.2 and DSM 9.6.

Rate this article:

[Total: 1 Average: 5/5]

Related

Computer always, since I got a Commodore 64 at the end of primary school, through his beloved Amiga and Linux infinite number of consoles, until today, fully virtual day. Since 2001, Unix/Linux Systems Administrator, for seven years a faithful companion and protector of Solaris system, until his sad end. In the year 2011 came in the depths of virtualization, then smoothly ascended into the clouds and continues there today. Professionally working as Systems Architect in the Polish Security Printing Works.

Hello Herbert,
I have vROPS 6.1 (upgraded from 6.0) and DS 9.5.3, there is no problem with this configuration. In my lab I have 6.1/9.6 with VMCA as intermediate but I have not tested here this management pack. This error indicates that you need to have both certificates (ca and intermediate) in the both keystores (in vRO and DS).
Regards,
Piotr

If you want to try the newest management pack from trend, supported with vROPs 6.x, contact ‘rick_abbott [at] trendmicro.at’ or ‘deepsecurityvrops [at] trendmicro.com’. He wants to keep track of the customers using it.
Included is also a Loginsight content pack.

putrend1.cert is name of my certificate, you need to copy your own SSL cert from your DSM and then name it as you wish :-)
Next, edit importcert and replace this line: CERT=”/root/TrendMicro/manager.cer” with your cert.